An analysis on the dimensions of information security culture concept: A review
The cultivation of positive Information Security Culture (ISC) is an effective way to promote security behavior and practices among employees in the organization. However, there is yet a consensus on a standard set of dimensions for the ISC concept. ISC has been associated with many facets, with som...
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Elsevier
2019
|
| Subjects: | |
| Online Access: | http://umpir.ump.edu.my/id/eprint/24131/ http://umpir.ump.edu.my/id/eprint/24131/7/An%20analysis%20on%20the%20dimensions%20of%20information%20security%20culture%20concept.pdf |
| _version_ | 1848821959523041280 |
|---|---|
| author | Akhyari, Nasir Ruzaini, Abdullah Arshah Mohd Rashid, Abdul Hamid Syahrul, Fahmy |
| author_facet | Akhyari, Nasir Ruzaini, Abdullah Arshah Mohd Rashid, Abdul Hamid Syahrul, Fahmy |
| author_sort | Akhyari, Nasir |
| building | UMP Institutional Repository |
| collection | Online Access |
| description | The cultivation of positive Information Security Culture (ISC) is an effective way to promote security behavior and practices among employees in the organization. However, there is yet a consensus on a standard set of dimensions for the ISC concept. ISC has been associated with many facets, with some overlapping dimensions found in the literature. There is little explanation, if any, as to why this happens or to what extent do variances of dimensions affects ISC concept and findings. This paper presents an analysis of the different dimensions in conceptualizing the ISC. Eight major databases including Web of Science, Scopus and Google Scholar were systematically exhausted using PRISMA and a total of 79 studies from 2000 to 2017 was selected for analysis. While different approaches such as adopted theories affect the dimensions of ISC, our analysis also covered other contributing factors such as the objective of the study, type of organization under study and the information security maturity level. In addition, we found no evidence of a set of widely accepted concepts and dimensions for ISC. This review provides substantial evidence on the numerous dimensions used in ISC and could be utilized by academicians as a reference in ISC-related studies. |
| first_indexed | 2025-11-15T02:33:38Z |
| format | Article |
| id | ump-24131 |
| institution | Universiti Malaysia Pahang |
| institution_category | Local University |
| language | English |
| last_indexed | 2025-11-15T02:33:38Z |
| publishDate | 2019 |
| publisher | Elsevier |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | ump-241312025-07-22T03:40:53Z http://umpir.ump.edu.my/id/eprint/24131/ An analysis on the dimensions of information security culture concept: A review Akhyari, Nasir Ruzaini, Abdullah Arshah Mohd Rashid, Abdul Hamid Syahrul, Fahmy QA75 Electronic computers. Computer science The cultivation of positive Information Security Culture (ISC) is an effective way to promote security behavior and practices among employees in the organization. However, there is yet a consensus on a standard set of dimensions for the ISC concept. ISC has been associated with many facets, with some overlapping dimensions found in the literature. There is little explanation, if any, as to why this happens or to what extent do variances of dimensions affects ISC concept and findings. This paper presents an analysis of the different dimensions in conceptualizing the ISC. Eight major databases including Web of Science, Scopus and Google Scholar were systematically exhausted using PRISMA and a total of 79 studies from 2000 to 2017 was selected for analysis. While different approaches such as adopted theories affect the dimensions of ISC, our analysis also covered other contributing factors such as the objective of the study, type of organization under study and the information security maturity level. In addition, we found no evidence of a set of widely accepted concepts and dimensions for ISC. This review provides substantial evidence on the numerous dimensions used in ISC and could be utilized by academicians as a reference in ISC-related studies. Elsevier 2019 Article PeerReviewed pdf en http://umpir.ump.edu.my/id/eprint/24131/7/An%20analysis%20on%20the%20dimensions%20of%20information%20security%20culture%20concept.pdf Akhyari, Nasir and Ruzaini, Abdullah Arshah and Mohd Rashid, Abdul Hamid and Syahrul, Fahmy (2019) An analysis on the dimensions of information security culture concept: A review. Elsevier Journal of Information Security and Applications, 44. pp. 12-22. ISSN 2214-2126. (Published) https://doi.org/10.1016/j.jisa.2018.11.003 https://doi.org/10.1016/j.jisa.2018.11.003 |
| spellingShingle | QA75 Electronic computers. Computer science Akhyari, Nasir Ruzaini, Abdullah Arshah Mohd Rashid, Abdul Hamid Syahrul, Fahmy An analysis on the dimensions of information security culture concept: A review |
| title | An analysis on the dimensions of information security culture concept: A review |
| title_full | An analysis on the dimensions of information security culture concept: A review |
| title_fullStr | An analysis on the dimensions of information security culture concept: A review |
| title_full_unstemmed | An analysis on the dimensions of information security culture concept: A review |
| title_short | An analysis on the dimensions of information security culture concept: A review |
| title_sort | analysis on the dimensions of information security culture concept: a review |
| topic | QA75 Electronic computers. Computer science |
| url | http://umpir.ump.edu.my/id/eprint/24131/ http://umpir.ump.edu.my/id/eprint/24131/ http://umpir.ump.edu.my/id/eprint/24131/ http://umpir.ump.edu.my/id/eprint/24131/7/An%20analysis%20on%20the%20dimensions%20of%20information%20security%20culture%20concept.pdf |